Roku says more than 500,000 accounts impacted in cyberattack

3 weeks ago AndyC

Streaming service provider Roku said it identified a second cyberattack that impacted about 576,000 additional accounts while investigating a breach that affected 15,000 user accounts earlier this year.

Roku says more than 500,000 accounts impacted in cyberattack

Streaming service provider Roku said it identified a second cyberattack that impacted about 576,000 additional accounts while investigating a breach that affected 15,000 user accounts earlier this year.




Roku says more than 500,000 accounts impacted in cyberattack










The company, which had more than 80 million active accounts, said the hackers did not gain access to any sensitive information such as full credit card numbers or other payment details.

However, the company said it identified less than 400 cases where the information was used to make unauthorised purchases of streaming service subscriptions and hardware products using the payment method stored in the accounts.

The company said it would refund or reverse charges for accounts where it has determined unauthorized purchases have been made as part of the attack.

Roku pinned the unauthorised access to “credential stuffing”, where users may have used the same credentials across different platforms.

Meanwhile, the company has enabled a two-factor authentication for all the accounts to beef up security controls.



About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , ,

More Stories

Report Finds CISOs Struggle to Maintain Operational Security

Report Finds CISOs Struggle to Maintain Operational Security

13 hours ago AndyC
Telstra to push back 3G switch-off

Telstra to push back 3G switch-off

16 hours ago AndyC
Nick Ellsmore to Lead Mantel Group’s Cybersecurity Capabilities

Nick Ellsmore to Lead Mantel Group’s Cybersecurity Capabilities

19 hours ago AndyC
NBN Co CEO Stephen Rue to lead Optus

NBN Co CEO Stephen Rue to lead Optus

19 hours ago AndyC
Rapid detection and response are the foundation of an effective cloud security strategy

Rapid detection and response are the foundation of an effective cloud security strategy

19 hours ago AndyC
Why e-commerce security is a balancing act between speed and protection

Why e-commerce security is a balancing act between speed and protection

19 hours ago AndyC

You may have missed

Key Insights from the OpenText 2024 Threat Perspective

Key Insights from the OpenText 2024 Threat Perspective

36 mins ago AndyC
City of Wichita hit by a ransomware attack

City of Wichita hit by a ransomware attack

36 mins ago AndyC
Why Your VPN May Not Be As Secure As It Claims – Krebs on Security

Why Your VPN May Not Be As Secure As It Claims – Krebs on Security

37 mins ago AndyC
GenAI is to data visibility what absolute zero is to a hot summer day

GenAI is to data visibility what absolute zero is to a hot summer day

41 mins ago AndyC
Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution

Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution

41 mins ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.